Banks in Qatar are starting to invest in artificial intelligence-powered protections to filter malware and phishing threats as they are considered to be at the forefront of all businesses in terms of e-services, a new report has shown.
“These online banking services are essential during these times. However, the banking industry is one of the top targeted industries in Qatar,” KPMG said in its "Qatar Banking Perspectives 2020" report.
Based on previously conducted studies, it is confirmed that the most common online banking incidents are a result of malicious techniques such as hoax e-mails, computer viruses, spyware, email scams, identity theft, phishing, vishing, and eavesdropping through wireless connections, it said.
These techniques are commonly grouped and incorrectly referred to as "phishing", when they should be referred to as "fraud techniques", noted KPMG in a report authored by Amer Bazerbachi, Cybersecurity Services lead.
Fraud techniques are any malicious methods and activities that seek to steal personal or business information and used to perform financial transactions (including the sale of confidential and secret information). These fraud techniques require human interaction and errors to succeed.
“During this pandemic, financial institutions in Qatar are being attacked through both existing methods: general and specific phishing campaigns,” the report noted.
General phishing attacks are typically caused by script kiddies profiles (persons who use existing computer scripts or codes to phish as they lack the expertise to write their own).
In contrast, specific phishing attacks are more sophisticated and are carried out by hacking groups targeting banks themselves instead of individual customers, thereby potentially gaining a more considerable windfall.
These hackers, kiddies or sophisticated, are using the overwhelming amount of news coverage surrounding the novel coronavirus as well as the eagerness that people have to get more information related to the virus, to send phishing emails related to the topic, the report said.
This situation makes the employees and clients more susceptive to the hacker's trap, making the Covid-19 virus not only a real-life illness that can affect the client's and employee's health, but also a virtual virus that can affect their economic health.
Google says they observed more than 18mn daily malware and phishing e-mails related to Covid-19 scams during the first week of May 2020.
This number is excluding the over 240mn daily spam messages they observe related to the novel coronavirus. Statistics show that more than 20% of these messages are targeting financial institutions.
Banks in Qatar are starting to invest in artificial intelligence-powered protections to filter such malware and phishing threats. These AI-based technologies are used by Google, who claim that they can block "more than 99.9% of spam, phishing, and malware from ending up in user's inboxes", but still cannot stop all of them.
Other banks rely on the DMARC protocol (Domain-based Message Authentication, Reporting, and Conformance) to make it more difficult for scammers to impersonate individuals or institutions, but with less claimed effectiveness.
“Finally, there is a last group of banks that only rely on their secure email gateways which have proved to be ineffective many times in the past. The banking sector in Qatar admits that there is still much development to be done in this field,” KPMG noted.
